CVE-1999-0143Kerberos vulnerability

4 documents4 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 75.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
MIT KerberosProcess Software MultinetSUN Sunos
Timeline
PublishedFeb 21
Latest updateApr 30

Description

Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages3 packages

NVDmit/kerberos4.0
NVDsun/sunos5.3, 5.4+1

🔴Vulnerability Details

2
GHSA
GHSA-vhvw-7mgj-5p4w: Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys2022-04-30
CVEList
CVE-1999-0143: Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys1999-09-29

💥Exploits & PoCs

1
Exploit-DB
samPHPweb 4.2.2 - 'db.php' Remote File Inclusion2008-01-04
CVE-1999-0143 — MIT Kerberos vulnerability | cvebase